/*    */ package com.yizhilu.os.common.util;
/*    */ 
/*    */ import java.io.IOException;
/*    */ import java.util.Arrays;
/*    */ import java.util.List;
/*    */ import javax.servlet.Filter;
/*    */ import javax.servlet.FilterChain;
/*    */ import javax.servlet.FilterConfig;
/*    */ import javax.servlet.ServletException;
/*    */ import javax.servlet.ServletRequest;
/*    */ import javax.servlet.ServletResponse;
/*    */ import javax.servlet.http.HttpServletRequest;
/*    */ import javax.servlet.http.HttpServletResponse;
/*    */ import org.springframework.stereotype.Component;
/*    */ 
/*    */ @Component
/*    */ public class MyCORSFilter
/*    */   implements Filter
/*    */ {
//  private static final List<String> allowedOrigins = Arrays.asList(new String[] { "http://exam.quality-in.com", "http://www.quality-in.com" });
/*    */   private static final List<String> allowedOrigins = Arrays.asList("http://localhost:8082","http://localhost:8090");
/*    */   public void init(FilterConfig filterConfig) throws ServletException
/*    */   {
/*    */   }
/*    */ 
/*    */   public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException
/*    */   {
/* 39 */     HttpServletResponse response = (HttpServletResponse)servletResponse;
/* 40 */     HttpServletRequest request = (HttpServletRequest)servletRequest;
/*    */ 
/* 43 */     String origin = request.getHeader("Origin");
/* 44 */     response.setHeader("Access-Control-Allow-Origin", "*");
/* 44 */   //  response.setHeader("Access-Control-Allow-Origin", this.allowedOrigins.contains(origin) ? origin : "");
/* 45 */     response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
/* 46 */     response.setHeader("Access-Control-Max-Age", "3600");
/* 47 */     response.setHeader("Access-Control-Allow-Headers", "x-requested-with,Authorization");
/* 48 */     response.setHeader("Access-Control-Allow-Credentials", "true");
/* 49 */     filterChain.doFilter(servletRequest, servletResponse);
/*    */   }
/*    */ 
/*    */   public void destroy()
/*    */   {
/*    */   }
/*    */
         public static void dealUploadCors(HttpServletRequest request ,HttpServletResponse response){
             String origin = request.getHeader("Origin");
          //   response.addHeader("Access-Control-Allow-Origin",  allowedOrigins.contains(origin) ? origin : "");
             response.setHeader("Access-Control-Allow-Origin", "*");
             response.addHeader("Access-Control-Allow-Method", "POST");
             response.addHeader("Access-Control-Max-Age", "100");
             response.addHeader("Access-Control-Allow-Headers", "Content-Type");
             response.addHeader("Access-Control-Allow-Credentials", "false");
         }
}